Hello community,

here is the log from the commit of package krb5 for openSUSE:11.4
checked in at Wed Mar 16 10:45:43 CET 2011.



--------
--- old-versions/11.4/all/krb5/krb5-mini.changes        2011-02-09 
10:12:26.000000000 +0100
+++ 11.4/krb5/krb5-mini.changes 2011-03-16 08:58:52.000000000 +0100
@@ -1,0 +2,7 @@
+Mon Mar 14 12:32:19 CET 2011 - [email protected]
+
+- Fix vulnerability to a double-free condition in KDC daemon
+  (MITKRB5-SA-2011-003, bnc#671717)
+  CVE-2011-0284
+
+-------------------------------------------------------------------
krb5.changes: same change

Package does not exist at destination yet. Using Fallback old-versions/11.4/all/krb5
Destination is old-versions/11.4/UPDATES/all/krb5
calling whatdependson for 11.4-i586


New:
----
  krb5-1.8-MITKRB5-SA-2011-003.dif

++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Other differences:
------------------
++++++ krb5-doc.spec ++++++
--- /var/tmp/diff_new_pack.HGQaP9/_old  2011-03-16 10:44:26.000000000 +0100
+++ /var/tmp/diff_new_pack.HGQaP9/_new  2011-03-16 10:44:26.000000000 +0100
@@ -21,7 +21,7 @@
 Name:           krb5-doc
 BuildRequires:  ghostscript-library latex2html texlive
 Version:        1.8.3
-Release:        4
+Release:        5.<RELEASE2>
 %define srcRoot krb5-1.8.3
 Summary:        MIT Kerberos5 Implementation--Documentation
 License:        MIT License (or similar)

++++++ krb5-mini.spec ++++++
--- /var/tmp/diff_new_pack.HGQaP9/_old  2011-03-16 10:44:26.000000000 +0100
+++ /var/tmp/diff_new_pack.HGQaP9/_new  2011-03-16 10:44:26.000000000 +0100
@@ -28,7 +28,7 @@
 BuildRequires:  bison libcom_err-devel ncurses-devel
 BuildRequires:  keyutils keyutils-devel
 Version:        1.8.3
-Release:        4
+Release:        5.<RELEASE2>
 %if ! 0%{?build_mini}
 BuildRequires:  libopenssl-devel openldap2-devel
 # bug437293
@@ -59,6 +59,7 @@
 Patch13:        MITKRB5-SA-2010-007-1.8.dif
 Patch14:        krb5-1.8-MITKRB5-SA-2011-001.dif
 Patch15:        krb5-1.8-MITKRB5-SA-2011-002.dif
+Patch16:        krb5-1.8-MITKRB5-SA-2011-003.dif
 BuildRoot:      %{_tmppath}/%{name}-%{version}-build
 PreReq:         mktemp, grep, /bin/touch, coreutils
 PreReq:         %insserv_prereq %fillup_prereq 
@@ -210,6 +211,7 @@
 %patch13 -p1
 %patch14 -p1
 %patch15 -p0
+%patch16 -p1
 # Rename the man pages so that they'll get generated correctly.
 pushd src
 cat %{SOURCE10} | while read manpage ; do
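
Review bot: %patch16 is applied with -p1 directly after %patch15 -p0, and the new krb5-1.8-MITKRB5-SA-2011-003.dif is rooted at krb5-1.8.1/ (Index: krb5-1.8.1/src/kdc/do_as_req.c) while this spec builds Version 1.8.3. -p1 strips that leading directory, so the path resolves, but the patch was cut against a 1.8.1 tree. Confirm it applies to the 1.8.3 source without offset or fuzz, and consider regenerating it against the packaged tree so the @@ -784 line numbers match.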

++++++ krb5.spec ++++++
--- /var/tmp/diff_new_pack.HGQaP9/_old  2011-03-16 10:44:26.000000000 +0100
+++ /var/tmp/diff_new_pack.HGQaP9/_new  2011-03-16 10:44:26.000000000 +0100
@@ -28,7 +28,7 @@
 BuildRequires:  bison libcom_err-devel ncurses-devel
 BuildRequires:  keyutils keyutils-devel
 Version:        1.8.3
-Release:        4
+Release:        16.<RELEASE2>
 %if ! 0%{?build_mini}
 BuildRequires:  libopenssl-devel openldap2-devel
 # bug437293
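
Review bot: Release goes from 4 to 16.<RELEASE2> here, whereas krb5-mini.spec and krb5-doc.spec go from the same 4 to 5.<RELEASE2> in this commit. If the three specs are meant to stay in step, check that the jump in krb5.spec is what the build service intended and not a leftover counter.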
@@ -59,6 +59,7 @@
 Patch13:        MITKRB5-SA-2010-007-1.8.dif
 Patch14:        krb5-1.8-MITKRB5-SA-2011-001.dif
 Patch15:        krb5-1.8-MITKRB5-SA-2011-002.dif
+Patch16:        krb5-1.8-MITKRB5-SA-2011-003.dif
 BuildRoot:      %{_tmppath}/%{name}-%{version}-build
 PreReq:         mktemp, grep, /bin/touch, coreutils
 PreReq:         %insserv_prereq %fillup_prereq 
@@ -210,6 +211,7 @@
 %patch13 -p1
 %patch14 -p1
 %patch15 -p0
+%patch16 -p1
 # Rename the man pages so that they'll get generated correctly.
 pushd src
 cat %{SOURCE10} | while read manpage ; do

++++++ krb5-1.8-MITKRB5-SA-2011-003.dif ++++++
Index: krb5-1.8.1/src/kdc/do_as_req.c
===================================================================
--- krb5-1.8.1.orig/src/kdc/do_as_req.c
+++ krb5-1.8.1/src/kdc/do_as_req.c
@@ -784,6 +784,8 @@ prepare_error_as (struct kdc_request_sta
                     pad->contents = td[size]->data;
                     pad->length = td[size]->length;
                     pa[size] = pad;
+                    td[size]->data = NULL;
+                    td[size]->length = 0;
                 }
             krb5_free_typed_data(kdc_context, td);
         }
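
Review bot: the two assignments added after pa[size] = pad carry no comment saying that the buffer now belongs to pad, which is the only reason krb5_free_typed_data(kdc_context, td) must not see it any more. Add a one-line comment above td[size]->data = NULL; stating that ownership has moved to pad->contents, so the lines are not later removed as dead stores before the free. Since pad->contents is now the only reference to that buffer, it is also worth checking that whatever releases pa[] frees the contents and not just the pad structs.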

++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++



Remember to have fun...
